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AppL No. 09/6^3,892 

Amdt dated July 30, 2004 

Reply to office action of April 30, 2004 

Amendments to the Clflimsi 

This listing of claims will replace all prior versions, and listings, of claims in the 

Claim 1 (currently amended): A method of securely conveying a data product, the method 
comprising the steps of: 

establishing an authorization key that defines (i) verification inforaiation indicative 
of at least one authorised entity and (ii) a cryptographic key to the data produc t, wherein 
said verific atioTi iTif nnnation includes a data storage medium ID: 

encrypting the authorization key, thereby producing an encrypted authorization key 
that can be decrypted using a decryption key; and 

providing the encrypted authorization key to a system that (i) has access to the 
decryption key and can therefore decrypt the encrypted authorization key and (ii) is 
programmed to decrypt the authorization key and to use the verification information to 
validate use of the data produc t wherein said data storag e medium ID is used to validate 
that a data storage medium is authorized to store the data product . 

Claim 2 (original): The method of claim 1, fiarther comprising the steps of: 
receiving the encrypted authorization key; 

using the decryption key to decrypt the encrypted authorization key, and thereby 
uncovering the verification information and the cryptographic key to the data product; and 
using The verification intormation to validate use of the data product. 

Claim 3 (original): The method of claim 2, wherein using the verification information to 
validate use of the data product comprises comparing at least a portion of the verification 
information to predetermined information associated with the system, to determine 
whether the system is authorized to use the data product. 
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Appl. No. 09/663,S92 

Amdt. dated July 30, 2004 

Reply to ofQce aotion of April 30, 2004 

Claim 4 (original): The method of claim 3, wherein the predetermined information 
associated with the system comprises a system ID, 

key to the system comprises sending the encrypted authorization key to the system via a 

wireless commimicatioM network. 

Cliiitt 6 (driginil): The method of claim 1, wherein providing the encrypted authorization 
key to flie system comprises recording the encrypted authorization key on a data storage 
medium and then providing the data storage medium to the system. 

Claim 7 (original); The method of claim 6, further comprising the steps of: 

the system reading the encrypted authorization key &om the data storage medium; 
the system using the decryption key to decrypt the encrypted authorization key and 

thereby uncovering the verification information and the cryptographic key to the data 

product; and 

the system using the verification information to validate use of the data product. 

Claim 8 (currently amended): The method of claim 7 1^ wherein using th e v e rifiootion 
information to validat e u$ e of th e data product oompiiooo Qomporing at loa s t a portion of 
th e v e rification information to prodotoi'minod information oaaociated with the data storage 
medium is a portable data storage mediim i i to d e tarmin e wh a thar tho data fitorap a m e dimn 
I g ^uthoriz e d to stor e th e data product. 

Claim 9 (currently amended): The method of claim 8* wherein the pr e deteimi ged 
Liformation asflooiat e d - with th e portable data storage medium is a flash medium or a 
PCMCIA card oompriso s- a - data stompo modium ID . 
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AppL No. 09/663,892 

Amdt, dated July 30, 2004 

Reply to office action of April 30, 2004 

Claim 10 (original): The method of claim 1, wherein the data product comprises a 
database of geographic information. 

Claim 1 1 (original): A method of securely conveying data, the method comprising the 
steps of: 

assembling a set of authorization parameters associated with the data; 

computing a first checksum of the set of authorization parameters; 

generating a first cryptographic key substantially randomly; 

uain^ Lhe first cryptogr^hic key to symmetrically encrypt the set of authorization 
parameters, so as to produce an encrypted set of authorization parameters; 

encrypting a combination of the first cryptographic key and the first checksum, so 
as to produce a header value that can be decrypted using a second cryptographic key; and 

providing the header value, together with the data, for access by a receiving end 

Claim 12 (original): The method of claim 1 1, further coraprisiug the following steps 
performed at the receiving end: 

using the second cryptographic key to decrypt the header value, so as to produce an 
decrypted header value; 

retrieving the first cryptographic key and first checksum finom the decrypted header 

value; 

using the first cryptographic key to decrypt the encrypted set of authorization 
parameters; 

computing a second checksum of the set of authorization parameters; 

comparing the second checksum with the first checksum, and refusing to access the 

data if tViP RPirritiH <*;lieck5nm does not match the firet checkcum; and 

using the set of authorization parameters to verify authorization to access the data. 

Claim 13 (original): The mathcvl nf ninim 1 7, frirthr;^ o-omprisins ennfyptuig th^ data 
before providing the data and header value for access by the receiving end. 
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Arndt dated July 30, 2004 

Reply to office action of April 30, 2004 

Claim 14 (origraal); A method of securely conveying data, the method comprising the 
steps of: 

assembling an authorization key that includes verification infonnation indicative of 
a data storage medium on \vhicli the data is authorized to be stored; and 

encrypting the authorization key and the data, thereby producing an encrypted 
authorization key and encrypted data; 

stormy tliO Otioa^i^tocl autlirM-i T-Afi^^n Vc-y Aiid ciiOi-^plcU d».Ut. oii sx ^Iveii UuUi t^tOIUge 

medium; and 

Oiciciinci piuvidlng Oie given Caia storage meaium to a system mat is programmed to 
dectypt the authorization key and to detennine, by reference to the verification 
information whether the fiiven storage medium is the data storage medium on 
which the data is authorized to be stored. 

Claim 15 (cutrently amended): The method of claim 14, further comprising the system 
decrypting the encrypted data only if the verification information indicates that the given 
storage medium is the data storage medium on which the date data is authorized to be 
stored. 

Claim 16 (original): A method of securely communicating a data product, while allowing 
the data product to be used in connection with at least one authorized aitity, the at least 
one authorized entity having an associated identification code^ the method comprising: 

symmetrically encrypting at least a portion of the data product using a fiist 
cryptographic key, thereby producing an encrypted portion of the data product that can be 
symmetrically decrypted using the first cryptographic key; 

establishing an authorization key including verification information; 

computing a first value as a first function of mput parameters including (i) the 
identification code and (ii) a second value; 

combining the first value with the first cryptographic key to produce a third value; 

adding the third value to the authorization key; 
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Amdt. dated July 30, 2004 

Reply to office action of April 30, 2004 

thereafter using the first value as a second cryptographic key to symmetrically 
encrypt the authorization key, so as to produce an encrypted authorization key that can be 
decrypted using the first value; 

encrypting at least the second value to produce an encrypted value that can be 
decrypted using a third cryptographic key; and ' 

providing to a receiving-end at least (i) the encrypted value, (ii) the encrypted 
authorization key, and (iii) the encrypted portion of the data product, 

whereby, if the receiving end has access to the third cryptographic key and the 
input parameters, the receiving end may be able to uncover the first authorization key and 
the cryptographic key and may therefore be able to access the verification information and 
decrypt the encrypted portion of the data product. 

Claim 17 (original): The method of claim 16, wherein the data product comprises 
geographical information, the authorized entity comprises a navigation system, and the 
identification code comprises a navigation system ID* 

Claim 18 (origjiial): The method of claim 16, wherein the data product comprises 
geographical information, the authorized entity comprises a data storage device, and the 
identification code comprises a storage device ID- 
Claim 19 (original): The method of claim 16, wherein the first function comprises a hash 
fimction. 

Claim 20 (original): The method of claim 19, wherein the input parameters flirther include 
a predetermined segment of the encrypted portion of the data product. 

Claim 21 (original): The method of claim 16, wherein combining the first value with the 
first cryptogr^hic key to produce a third value comprises computing an XOR sum of the 
first value and the first cryptographic key. 
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AppL No. 09/663,892 

Amdt. dated July 30, 2004 

Reply to office action of April 30, 2004 

Claim 22 (original): The method of claim 16, wherein encrypting at least the second value 
to produce an encrypted value that can be decrypted with a third cryptogr^hic key 
comprises: 

combining the second value with a checksum of the authorization key; and 
using a public key encryption algorithm to encrypt the second value 

Claim 23 (original): The method of claim 15, further comprising the following steps; 

receiving at the receiving-end (i) the encrypted value, (ii) the encrypted 
authorization key, and (iii) the encrypted portion of the data product, 

using the third cryptographic key to decrypt the encrypted value 

computing the first value as the first fimction of the input parameters; 

using the first value as the second cryptographic key to synmietrically decrypt the 
encrypted authorization key, 

extracting the third value from the authorization key; 

using the third value and the first value to generate the first cryptogr^hic key; and 
using the first cryptographic key to symmetrically decrypt the encrypted portion of 
the data product. 

Claim 24 (original): The method of claim 23, fiirther comprising, at the receiving-end, 
verifying the checksum of the authorization key. 

Claim 25 (original): The method of claim 23, wherein using the third value and the first 
value to generate the first cryptographic key comprises computing an XOR sum of the 
third value and the first value. 

Claim 26 (original): The method of claim 23, further comprising the step of validating use 
of the data product by reference to the verification information. 
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Claim 27 (original): A method of securing a dala product against imaxithoiized use, while 
allowing the data product to be a$ed in coimection with at least one authorized entity, the 
at least one authorized entity having an associated identification code, the method 
comprising: 

symmetrically encrypting at least a portion of the data product using a first 
cryptographic key, thereby producing an encrypted portion of the data product that can be 
symmetrically decrypted using the first cryptographic key; 

establishii^ an authorization key including verification information; 

computing a first value as a first fimction of input parameters including (i) the 
identification code and (ii) a second value; 

combining the first value with the first cryptographic key to produce a third value; 

adding the third value to the authorization key; 

thereafter ucma tho firct valu« a cs^onil arvntoonrajnlita 1c»v tn n^mmatrtoAllv 
encrypt the aiithorLzation key^ so as to ptoducd an encrypted authorixation key that can be 

decrypted xising tfie first value; and 

encrypting at least the second value to produce an encrypted value that can be 
decrypted using a third cryptographic key. 

Claim 28 (original): The method of claim 27, further comprising randomly generating the 
first cryptographic key. 

Claim 29 (original): The method of claim 27, wherein the portion of the data product 
comprises the entire database. 

Claim 30 (original): The method of claim 27, wherein the portion of the data product 
comprises information required to understand contents of the data product. 
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Amdt. dated July 30, 2004 

Reply to ofiSce action of April 30, 2004 

Claim 31 (origmal): The method of claim 30, wherein the infonnatiod required to 
imderstand contentfi of the data product i$ selected from the group consisdng of (i) 
database decompression information and (ii) pointers. 

Claim 32 (original); The method of claim 27, wherein the data product comprises 
geographic information. 

Claim 33 (original): The method of claim 27, wherein the data product comprises 
geographic information, the authorized entity comprises a navigation system, and the 
identification code comprises a navigation system ID. 

Claim 34 (original): The method of claim 27, wherein the data product comprises 
geogr^hic information, the authorized entity comprises a data storage device, and the 
identification code comprises a storage device ID, 

Claim 35 (original): The method of claim 27, wherein the first fimction comprises a hash 
function. 

Claim 36 (original): The method of claim 27, wherein the input parameters further include 
a predetermined segment of the encrypted portion of the data product. 

Claim 37 (original): Hie method of claim 27, wherein combining tfie first value with the 
first cryptographic key to produce a third value comprises computing an XOR sum of the 
first value and the first cryptographic key. 
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Reply to ofQce action of April 30, 2004 

Claim 38 (original): The metfaod of claim 27, wherein encrypting at least the second value 
to produce an aicrypted value that can be decrypted with a tfrnd cryptographic key 
comprises: 

combining the second value with a checksum of the authorization key; and 
using a public key encryption algorithm to encrypt the second value 

Claim 39 (original): A system for securing a data product against imauthorized use, while 
allowing the data product to be used in connection with at least one authorized entity, the 
system compiising: 
a processor; 

a data storage medium; and 

a set of machine language instructions stored in the data storage medium and 
executable by the processor to cany out the method steps of claim 27. 
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